Re: 2.6.20 and IP_CONNTRACK_FTP
David Baron wrote:
> On Thursday 22 February 2007, firstname.lastname@example.org
>> > Compiled it taking all the defaults on new features. It boots just fine
>> > but has fatal ip_tables errors over and over missing this item. Cannot
>> > connect to internet.
>> > Any ideas? Do I need this and why?
>> > Google had something about setting: modprobe ip_conntrack_ftp
>> > ports=21,2121 if compiled as a module. So I set the previously unset
>> > constant=m and am recompiling. Where would I specify the modprobe
>> > arguments?
>> I ran into this compiling 2.6.20 with the .config of 2.6.19 and FireHol
>> complained as you describe.
>> I changed the .config as follows:
>> diff .config.2.6.20 .config.220.127.116.11.ck2
>> < CONFIG_NF_CONNTRACK_ENABLED=m
>> < # CONFIG_NF_CONNTRACK_SUPPORT is not set
>> < CONFIG_IP_NF_CONNTRACK_SUPPORT=y
>> < CONFIG_IP_NF_CONNTRACK=m
>> < # CONFIG_NETFILTER_XT_TARGET_NFLOG is not set
>> < # CONFIG_NETFILTER_XT_MATCH_HASHLIMIT is not set
>> > CONFIG_IP_NF_CONNTRACK=m
>> > # CONFIG_IP_NF_MATCH_HASHLIMIT is not set
>> < CONFIG_IP_NF_NAT_FTP=m
>> > CONFIG_IP_NF_NAT_FTP=m
> there are entries for CONFIG_NF_CONNTRACK ....
> there are also entries for CONFIG_IP_NF_CONNTRACK !!
> So ... I set the ones like you have <
> Try to recompile :-)
My attempt at building 2.6.20 after make oldconfig
and accepting defaults also went badly. Being utterly
ignorant, I began again, this time choosing to include
(as Y or m) most of the netfilter stuff that was unset
by default. This worked. And I'm still ignorant.